- Introduction – what to expect
The UK Bribery Act 2010 (the “Bribery Act”) came into force on 1 July 2011 and with it comes an even wider application than the US Foreign Corrupt Practices Act 1977 (“FCPA”). Although companies may consider that their anti-corruption policies and procedures (whatever they may be) are sufficient for the purposes of the FCPA, general corporate governance and / or audit compliance, this may not necessarily be the case with the Bribery Act. It is, therefore, important for companies (including those companies operating globally) to:
- take a step back and review and assess their current internal policies and procedures / programmes;
- be aware of the requirements in the Bribery Act;
- be prepared of the implications arising from the Bribery Act (including understanding the differences between the FCPA and the Bribery Act);
- comprehend the relevant international sanctions that could be applicable when conducting business deals.
Following a review and assessment of current internal policies and procedures / programmes, often companies find that such policies and procedures / programmes may need to be improved or implement new ones in order to have in place an ‘adequate’ system so as to prevent persons ‘associated’ with the relevant company from undertaking acts of bribery. This will be further discussed below.
- Key offences under the Bribery Act that companies need to know
The four key offences are as follows:
- an offence of bribing; i.e. promise, offer or giving a financial or other advantage (active bribery)
- an offence of being bribed; i.e. requesting, agreeing to receive or accepting a financial or other advantage (passive bribery)
- an offence of bribery of foreign public officials
- a corporate criminal offence of failing to prevent bribery (corporate offence)
The offences in I., II. and III. apply to individuals and corporations. For the offence of bribing and the offence of bribery of foreign public officials, it does not matter if the advantage is offered, promised or given directly or through a third party.
The offence in IV. applies to corporations. It will be easier to convict a corporation for this offence because it is a strict liability offence with only one possible defence (see below).
Under the Bribery Act, an individual can be prosecuted and liable for an offence of up to ten years imprisonment and/or to an unlimited fine. A corporation found guilty is subject to an unlimited fine.
- Why should companies be concerned?
- The Bribery Act creates a new corporate criminal offence – i.e. failing to prevent bribery by an associated person (i.e. anyone who performs services for or on behalf of the corporation / organisation and these include, for example, employees, agents, distributors, sub-contractors, joint venture partners and subsidiaries that perform services for their parent company). Unlike the FCPA, an associated person under the Bribery Act is not defined and left vague and could include persons where there is no formal relationship with the corporation / organisation in question. All the relevant circumstances, and not merely the relationship, between the corporation / organisation and the ‘associated’ person will need to be looked at.
- The corporate offence is a strict liability offence which means the corporation / organisation commits an offence even if it does not have knowledge of all the relevant factors – subject to a defence that the corporation / organisation had adequate procedures (see c. below). This offence also applies to corporations and partnerships formed in the UK and those that are formed outside the UK if they conduct business, or part of a business, in the UK even where the underlying conduct occurs outside the UK. The Act does not elaborate what constitutes the carrying on of a ‘part of a business’ in the UK...so this will be an issue for the courts to determine. The law also applies to a person who has a ‘close connection’ with the UK; for example, British citizens and British Nationals (Overseas). Therefore, the Bribery Act’s extra- territorial (in that it extends to foreign corporations and conduct outside the UK) is arguably broader than that of the FCPA.
- There is only one defence to the corporate offence – i.e. the corporation must prove that it had adequate procedures in place designed to prevent persons ‘associated’ with it from undertaking acts of bribery. The UK Secretary of State has provided guidance on the extent and meaning of ‘adequate procedures’ – see summary in 4. below.
Therefore, the Bribery Act goes beyond the FCPA in many ways. As such, it may not be safe for corporations to simply rely on their existing FCPA compliance policies and procedures / programmes for protection against liability under the Bribery Act. Corporations will need to check that their policies and procedures / programmes will be viewed as adequate for the purposes of the Bribery Act.
- Unlike the FCPA, the Bribery Act criminalises private sector bribery and public sector bribery where there is no exemption for ‘facilitation payments’ or for corporate promotional expenditure. Further, the Bribery Act makes no requirement for a corrupt or improper intent – unlike the FCPA where it must be proved that the person offering the bribe did so with intent.
- The penalties for corporations are high – criminal conviction, unlimited fines and – possibly – permanent exclusion from government contracts across the European Union.
- UK prosecutors have taken a greater interest in prosecuting overseas corruption. In addition, UK courts have adopted the view that UK fines for corruption should be comparable with the heavy fines imposed by the US authorities.
- What are ‘adequate’ procedures?
As mentioned above, a corporation’s defence to the corporate offence is that the corporation must prove it had adequate procedures in place to prevent associated persons from undertaking acts of bribery. The UK Secretary of State’s guidance on ‘adequate procedures’ is a helpful starting point for companies and companies operating globally. The guidance can be summarised as follows:
- Risk assessment – as a necessary initial step, conduct an assessment of a corporation’s exposure to bribery risk. This will require a careful development of risk assessment procedures so as to identify internal risk and external risk factors such as country, transaction and business partnership risks.
- Proportionate procedures - once a risk assessment has been conducted, the relevant anti- bribery policies and procedures that are tailored to be proportionate to the risks the corporation faces can then be formed and introduced. Bribery prevention procedure may be stand alone or form part of a wider procedure, for instance, on recruitment or on managing a tender process. Whatever it is, the bribery prevention procedure will need to ensure there is a practical and realistic means of achieving the corporation’s anti-bribery policy objectives across all of the corporation’s business and operation functions (see further commentary in v. below).
Although developing, introducing and implementing anti-bribery procedures to an existing system may be difficult for various reasons (e.g. legacy, culture, new management), this can be done over time by adopting a risk-based approach and with due allowance as to what is practicable.
Top lev el commitment – management to issue a message of commitment against bribery and to foster a culture of zero tolerance to bribery in all parts of the corporation’s business and operation functions, including instilling the anti-bribery message in the corporation’s management structure by, for instance, appointing an anti-bribery officer. As part of this top level engagement, the board (typically in a large multinational organisation) or top level managers (in smaller organisations) are to be responsible for the following, such as:
- setting anti-bribery policies and designing, applying and monitoring anti-bribery procedures, including keeping such policies and procedures under regular review:
- selecting and training senior managers to lead anti-bribery work where appropriate;
- taking leadership in awareness raising and encouraging transparent dialogue throughout the organisation so as to seek to ensure effective dissemination of antibribery policies and procedures to employees, subsidiaries, and associated persons, etc;
- arranging with relevant external bodies, for instance sectoral organisations, to help articulate the organisation’s policies;
- adopting an oversight of breaches of procedures and the provision of feedback to the board or equivalent, where appropriate, on levels of compliance;
- endorsing all bribery prevention related publications.
- Due diligence – implement due diligence policies and procedures to cover all parties to a business relationship and this will include, amongst other things, the corporation’s supply chain, agents and intermediaries, all forms of joint venture and similar relationships and all markets in which the corporation does business. Examples of enquiries that could form part of the due diligence for anti-bribery are as follows:
- Questions about the risk of bribery in the country of operation and types of bribery most commonly encountered;
- Questions about the risks that a particular business opportunity raises (e.g. whether the project is be priced at market prices or whether the project has a defined legitimate objective);
- Questions about the reputation, past behaviour and anti-corruption policies and procedures of prospective business partners;
- Questions whether there are risks of public office holder(s) to be linked to prospective business partners.
- Effective communication and implementation – ensure effective communication of the anti- bribery policies and procedures and also ensure effective implementation of such policies and procedures. Firstly, it is important that a corporation’s anti-bribery policies and procedures are to be communicated clearly, made accessible (e.g. through the corporation’s internal and external websites) and designed to be practical and enforceable (i.e. reflect the practical business issues that a corporation’s management and workforce face when conducting business without bribery). Such policies and procedures should take into account the roles of the work force in the corporation – from owners, board of directors to all employees and all people and entities over which the corporation has control. Examples of policies targeted on anti-bribery can include policies on decision making, financial control, hospitality and promotional expenditure, facilitation payments, penalties for breach of rules. In regards to the procedures, financial and auditing controls, disciplinary procedures and performance appraisals are examples of procedures that focus on prevention of bribery.
Secondly, for implementation to be effective, the following need to be addressed:
- who is to be responsible for implementation;
- how will the policies and procedures be communicated internally and externally;
- training – internal and external and should also consider offering or requiring the participation of business partners in anti-bribery training courses;
- reporting to top management;
- external assurance processes (if any);
- monitoring compliance;
- a clear statement of the penalties for breaches of policies and procedures;
- date of next review.
- Monitoring and review – ensure that monitoring and review systems / mechanisms are in place; for instance, financial monitoring and bribery reporting. Further, need to ensure that a corporation’s risk assessment and anti-bribery policies and procedures are up-to-date and take into account government changes, new or amended laws or regulations that apply to the corporation’s business, corruption convictions or negative press reports. It is also prudent to have external advisors such as lawyers and accountants to review and verify or assure the effectiveness of a corporation’s anti-bribery policies and procedures.
The Bribery Act creates a broader scope of offences and puts companies at risk of prosecution of bribery by those performing services for them or on their behalf in connection with their businesses. The corporate offence gives a compelling reason for companies to take robust precautions to guard acts of bribery being committed on their behalf, and to make sure that their anti-corruption compliance programmes meet the highest standards and reflect the statutory guidance as summarised above.
In addition to the Bribery Act and the FCPA, companies need to be aware of certain international sanctions that could be applicable when conducting business deals. For instance, under the EU Public Sector and Utilities Procurement Directives, public authorities are required to exclude from public contracts suppliers which have been convicted of a corruption offence. Hence, a corporate conviction for bribery, including a failure to prevent bribery, could potentially result in exclusion from contracts with EU member state governments.